Unassign Resource from Role
Remove a cloud resource from a role. Users with only this role will no longer be able to start sessions for this resource.
Request
DELETE https://api.entryguard.io/api/v1/roles/{id}/resources/{resourceId}
Authentication
Requires a valid Bearer JWT token with ORG_ADMIN role.
Authorization: Bearer <access_token>
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
id | UUID | Yes | The unique identifier of the role |
resourceId | UUID | Yes | The unique identifier of the cloud resource to unassign |
Response
Success Response
Status Code: 204 No Content
No response body is returned on successful removal.
Error Responses
| Status Code | Description |
|---|---|
401 Unauthorized | Missing or invalid authentication token |
403 Forbidden | User does not have ORG_ADMIN role |
404 Not Found | Role or resource with the specified ID does not exist, or resource is not assigned to this role |
429 Too Many Requests | Rate limit exceeded |
500 Internal Server Error | Server error occurred |
Error Response Examples:
{
"timestamp": "2026-02-18T10:30:00Z",
"status": 404,
"error": "Not Found",
"message": "Role not found with id: 550e8400-e29b-41d4-a716-446655440000",
"path": "/api/v1/roles/550e8400-e29b-41d4-a716-446655440000/resources/660e8400-e29b-41d4-a716-446655440001"
}
{
"timestamp": "2026-02-18T10:30:00Z",
"status": 404,
"error": "Not Found",
"message": "Resource not assigned to this role",
"path": "/api/v1/roles/550e8400-e29b-41d4-a716-446655440000/resources/660e8400-e29b-41d4-a716-446655440001"
}
Example
Request
curl -X DELETE https://api.entryguard.io/api/v1/roles/550e8400-e29b-41d4-a716-446655440000/resources/660e8400-e29b-41d4-a716-446655440001 \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Response
HTTP/1.1 204 No Content
Notes
- Removing a resource from a role does not delete the resource itself
- Users may still have access to the resource through other roles or direct resource assignments
- Active sessions for this resource from users with this role will continue until they expire
- This operation takes effect immediately for new sessions